1. Field of the Invention
The present invention is in the field of acquiring a service offered over a data network.
This invention starts out from a method known e.g. from the brochure “Geldkarte im Netz” from the year 2000 published by the applicant. This describes paying for a service to be ordered over the Internet by means of a cash card. A simplified procedure for a payment process is shown on the fourth page of the brochure. Thus, a home computer is used to order a service over the Internet from a service provider, e.g. an information service or online shop. The service provider then turns to a payment center, initiating the execution of a payment process there. The payment center now makes a connection with the cash card over the Internet, the home computer and a card reader connected thereto and debits the required amount to be paid to said card. Successful payment is then acknowledged by the payment center to the service provider, which finally delivers the requested service.
2. Description of the Background Art
The known method is safe with respect to the actual transaction phase involving transfer of the amount to be paid from the cash card to the payment center, i.e. transfer of a contribution necessary for acquiring the service from a transaction medium to a clearing center. However, the method does not secure the ordering process preceding the transaction phase. The certainty that a service delivered by the service provider is actually that ordered by a user and that the subsequently transferred amount of money matches that previously agreed on must be separately effected between user and service provider. If no securing measures are taken, an attack on the ordering/delivery process can consist for example in a service delivered by the service provider benefiting the attacker instead of the original customer.
Techniques for securing the ordering process are fundamentally known. One tried method is for example the encryption of the data exchange. However, known techniques are all independent island solutions making it necessary in particular that the service provider keep a complementary counterpart available for each island solution employable on a user side.